We launched new forums in March 2019—join us there. In a hurry for help with your website? Get Help Now!
MODX Community Forums Archive

PDF Security

    • 33337
    • 3,975 Posts
    Zaigham (aka zi) Reply #1, 18 years, 11 months ago
    Impact: Execution of arbitrary code via network, User access via network
    Version(s): 6.0 and prior versions
    Description: White-Knight of the Alpha Hackers Digital Security Team reported a vulnerability in Adobe Acrobat Reader. A remote user may be able to cause arbitrary code to be executed.

    A remote user can create a specially crafted PDF file that, when loaded by Acrobat Reader, will trigger an Invalid-ID-Handle-Error in 'AcroRd32.exe'. User supplied values may be written to certain memory locations and potentially executed.
    Impact: A remote user may be able to create a PDF file that, when loaded by the target user, will execute arbitrary code on the target user's system.
    Solution: No solution was available at the time of this entry.

    Read More.... -> http://www.securitytracker.com/alerts/2005/Apr/1013774.html
      Zaigham R - MODX Professional | Skype | Email | Twitter

      Digging the interwebs for #MODX gems and bringing it to you. modx.link
    • sottwell Reply #2, 18 years, 11 months ago
      I've got a solution! Get a Mac :wink:
        Studying MODX in the desert - http://sottwell.com
        Tips and Tricks from the MODX Forums and Slack Channels - http://modxcookbook.com
        Join the Slack Community - http://modx.org